lecture: Tales from the hunt
Some less hyped bugs in (web)apps
Everyone is talking about common classes of bugs, sql injection, XSS, CSRF, IDOR etc... But, as in all things in life, there are more, fancier things that true bug connoisseurs love. This talk will show an overview of some less known classes of application security bugs, which in turn, can have a more flashier impact, think from an input, to full on remote code execution on the target. So if you want to expand your application security knowledge for either offensive or defensive purposes, this might be the talk for you.
Start time: 14:30